The superadmin user in PIM is used to access the ENTM environment and therefore, losing its password may render the management GUI unusable unless other users are provisioned with similar privileges.
Can I reset or change the password of the superadmin account if I lost it after installation ?
Environment
CA PIM 12.X, 14.X and CA PAM SC 14.X ENTM on Windows
A very similar procedure applies to UNIX
Resolution
The superadmin password is encrypted and may not be retrieved in clear text, so the only thing we can do is to encrypt it again using a tool called pwdTools
Assuming you know the password for superadmin, running this command should yield a result which should be the same as the encrypted password obtained following the procedure above. For instance if the superadmin password were 'password' then both the query result and the PwdTools.bat result should be {AES}:4zERcmCrsLJtiuDaiygdmA==
If both results are different, it means that the superadmin password stored is different from the one that we want to set and so we would update the database to use the new encrypted passphrase:
SQL> update tblusers set password='{AES}:4zERcmCrsLJtiuDaiygdmA==' where loginid='superadmin'; SQL> commit;
If AD is used as a user store, you can export ac-dir.xml through the Identity Manager management console page, idmmanage and then you can replace the encrypted password in this xml with the password encrypted with PwdTools.bat as explained above. Then you import ac-dir.xml again into PIM.
Note that the Identity Manager page is not enabled by default. If you need to access it you need to follow this procedure